:py:mod:`dissect.eventlog`
==========================

.. py:module:: dissect.eventlog


Submodules
----------
.. toctree::
   :titlesonly:
   :maxdepth: 1

   bxml/index.rst
   evt/index.rst
   evtx/index.rst
   exceptions/index.rst
   utils/index.rst
   wevt/index.rst
   wevt_object/index.rst
   wevtutil/index.rst


Package Contents
----------------

Classes
~~~~~~~

.. autoapisummary::

   dissect.eventlog.Evt
   dissect.eventlog.Evtx
   dissect.eventlog.CRIM




.. py:class:: Evt(fh)


   Windows Event files for WinOS up until Windows XP

   .. py:method:: __iter__()



.. py:class:: Evtx(fh, path=None)


   Microsoft Event logs

   .. py:method:: __iter__()



.. py:exception:: BxmlException


   Bases: :py:obj:`Error`

   Common base class for all non-exit exceptions.


.. py:exception:: Error


   Bases: :py:obj:`Exception`

   Common base class for all non-exit exceptions.


.. py:exception:: MalformedElfChnkException


   Bases: :py:obj:`Error`

   Common base class for all non-exit exceptions.


.. py:exception:: UnknownSignatureException


   Bases: :py:obj:`Error`

   Common base class for all non-exit exceptions.


.. py:class:: CRIM(fh: io.BufferedReader)


   Start header of the WEVT_TEMPLATE
   Holds the number of providers inside the template

   .. py:property:: file_size

      Return size of the whole file.

   .. py:method:: wevt_headers()

      Get the WEVT object for a specific provider